Worth noting that RFC5480 disallows custom ECC curves for PKIX, and of course they are also verboten in the WebPKI. But both crypt32 and OpenSSL seem to support it.
-
OpenSSL seems to have been aware of the problem at some point?https://github.com/openssl/openssl/issues/7045#issuecomment-415459374 …
-
-
Unfortunate that they had the three facts "OpenSSL 1.0 implements this" and "this is FORBIDDEN by the spec" and "OpenSSL 1.0 is widely used and being maintained by us" and did not come to the conclusion of opening a security bug against 1.0 but that's how it goes
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.